When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
On June 18, 2024, California Attorney General (AG) Rob Bonta announced a third CCPA enforcement settlement, this one with Tilting Point Media LLC. Tilting Point was allegedly using its mobile app game "SpongeBob: Krusty...more
In a joint press release published on June 18, the California Attorney General and Los Angeles City Attorney announced a settlement with Tilting Point Media LLC (Tilting Point) in connection with alleged violations of the...more
On June 10, 2024, the U.S. Justice Department announced that together with the Federal Trade Commission, it filed an amended complaint against telehealth company Cerebral Inc., Cerebral’s founder and former Chief Executive...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
According to Chair Lina Khan, the Federal Trade Commission (“FTC”) recent action against Avast Limited and its subsidiaries for $16.5 million is the “highest monetary remedy in a de novo privacy violation case” and the first...more
The Federal Trade Commission (FTC) recently published a post on their Business Guidance Blog discussing lessons learned from three enforcement actions against sellers of genetic testing products. These guidelines address...more
Data is what makes the modern business world go around. But as the amount of data that organizations collect and process grows, so, too, do concerns about data security and how organizations respond to DSARs. These...more
Report on Patient Privacy Volume 22, Number 11. (November 2022) Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more
As we discussed last year, the California Attorney General’s Office (“OAG”) has been wielding its enforcement authority under the California Consumer Privacy Act since the law became enforceable in July 2020. But for two...more
Last week, the United States Department of Justice, acting on behalf of the Federal Trade Commission, took action against Twitter, Inc. for allegedly using private account security data to sell targeted advertisements without...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
Case Overview - This week’s U.S. Securities and Exchange Commission enforcement cease-and-desist order (Order) In re App Annie Inc., out of the SEC’s San Francisco Regional Office, underscores the importance of taking...more
On May 11, 2021, the Centers for Medicare & Medicaid Services (CMS) of the U.S. Department of Health & Human Services published an interim final rule/guidance to establish COVID-19 vaccination requirements for Long-Term Care...more
On April 29, 2021, the Federal Trade Commission (“FTC”) announced a record $20 million settlement with Vivint, a Utah-based smart home security and monitoring company. This settlement represents the largest in FTC history for...more
On March 2, 2021, the Commonwealth of Virginia enacted the Virginia Consumer Data Protection Act (VCDPA). The new law makes Virginia the second state in the United States to enact a comprehensive data privacy regime,...more
2020 AG Elections- New Leadership Team at the Republican Attorneys General Association- •The Republican Attorneys General Association (“RAGA”) announced the election of the leadership team for its Executive Committee...more
In the midst of the COVID-19 pandemic, the Office of the National Coordinator for Health Information Technology (ONC) published the final Information Blocking Rule. This rule is widely seen as a game-changer that will have...more
Earlier this month, the U.S. Supreme Court agreed to hear a pair of cases that provide it with the opportunity to severely restrict the Federal Trade Commission’s (“FTC’s”) authority to obtain equitable money relief in...more
IT companies face higher fines in Russia for noncompliance with data privacy and content moderation rules. In December 2019, Russia imposed large fines for certain types of violations of the Russian data privacy and...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services imposed a $1.6 million civil money penalty (CMP) against the Texas Health and Human Services Commission, Department of Aging and Disability...more
Cyberliability insurance provider Beazley Insurance Company has analyzed its internal breach response data and determined that in its experience, there has been a thirty-seven percent (37%) increase in ransomware attacks this...more
A draft law proposed in Russia would introduce severe monetary fines for noncompliance with Russia’s data protection law, including the data localization requirement, and violations of various internet activity laws. ...more
The Federal Trade Commission announced its settlement with Facebook on the same day that Robert Mueller testified before the House Judiciary Committee. While this may have been calculated to take Facebook off the front page,...more
The California Consumer Privacy Act (CCPA), which we discussed last year, goes into effect on January 1, 2020. Its record-keeping requirements become effective on July 1, 2019. If your small- or medium-size business is based...more
The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more